[
https://issues.apache.org/jira/browse/DLAB-1772?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Vira Vitanska updated DLAB-1772:
--------------------------------
Description:
As user I want that another user will not be able to go to my notebook event if
he has the link to my Notebook, so that I will be confident that my Notebook
data is in security.
If user (Project_admin of another project or not admin) has a notebook link of
the other user he can go to this Notebook via his own credentials and view
files of the other user on this Notebook.
So we should limit the access to this link from DevOps side (by the level of
Keycloak).
was:
If user (Project_admin of another project or not admin) has a notebook link of
the other user he can go to this Notebook via his own credentials and view
files of the other user on this Notebook.
So we should limit the access to this link from DevOps side (by the level of
Keycloak).
> Adjust permission to Notebook links from DevOps side
> ----------------------------------------------------
>
> Key: DLAB-1772
> URL: https://issues.apache.org/jira/browse/DLAB-1772
> Project: Apache DLab
> Issue Type: Task
> Components: DLab Main
> Reporter: Vira Vitanska
> Priority: Minor
> Labels: AWS, AZURE, Debian, DevOps, GCP, RedHat
>
> As user I want that another user will not be able to go to my notebook event
> if he has the link to my Notebook, so that I will be confident that my
> Notebook data is in security.
> If user (Project_admin of another project or not admin) has a notebook link
> of the other user he can go to this Notebook via his own credentials and view
> files of the other user on this Notebook.
> So we should limit the access to this link from DevOps side (by the level of
> Keycloak).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@dlab.apache.org
For additional commands, e-mail: dev-h...@dlab.apache.org
